2.1615

The number of websites and web services being monitored by Tracker is increasing. This increase is expected to impact your organization's summary scores for Hypertext Transfer Protocol Secure (HTTPS) and Domain-based Message Authentication, Reporting & Conformance (DMARC).

The Tracker’s primary account is being designated to the Designated Official for Cyber Security (DOCS) of each organization. This will provide DOCS visibility into changes affecting their organization’s digital security.

Other Changes:

• Get notified when your digital footprint changes. Daily email notification when changes occur to your organization's digital footprint
• Monitor changes to your organization using the audit logs. Improved logging to understand changes to your digital footprint
• Request affiliation with organizations. Users can request affiliation with your organization
• New SSL/TLS scanning capabilities. Can analyze the SSL/TLS configuration of all servers behind a domain
• New dashboard metrics. Access to your September 2023 score is available for your organization
• Tag the domains that matter. Help calibrate your score by tagging production systems
• myTracker. Track what matters to you

Other changes, bug fixes, and security updates have been applied.

What's Changed

• Handle improper max_age directive by @FestiveKyle in #4478
• Getting started documentation by @lcampbell2 in #4435
• Make scanner service sleep at beginning of handler - hopefully fix async by @FestiveKyle in #4494
• Fix info button styling by @lcampbell2 in #4497
• Add certificates to filters by @lcampbell2 in #4464
• Separate connect and read timeouts for http requests by @FestiveKyle in #4500
• Only create affiliation on invite if not already affiliated by @FestiveKyle in #4505
• Added protection in useDebouncedFunction by @lcampbell2 in #4502
• Send bilingual org invite/create account email by @FestiveKyle in #4513
• Add script to downgrade list of affiliations to the "USER" level by @FestiveKyle in #4508
• Add script for mass inviting users by @FestiveKyle in #4506
• Use the invited user's preferred language in email by @FestiveKyle in #4516
• Bring B features over to A stream by @lcampbell2 in #4432
• Users can request invites to organizations by @lcampbell2 in #4507
• New summary charts by @lcampbell2 in #4498
• add new api secrets to cloudbuild by @lcampbell2 in #4526
• Change insider wording by @lcampbell2 in #4148
• change feature preview banner wording by @lcampbell2 in #4529
• Update connection chain results display by @lcampbell2 in #4530
• Bump requests from 2.28.0 to 2.31.0 in /scanners/web-processor by @dependabot in #4539
• Bump requests from 2.28.1 to 2.31.0 in /scanners/dns-scanner by @dependabot in #4540
• Bump requests from 2.28.1 to 2.31.0 in /scanners/web-scanner by @dependabot in #4541
• Bump requests from 2.28.2 to 2.31.0 in /services/summaries by @dependabot in #4542
• Bump requests from 2.26.0 to 2.31.0 in /scanners/log4shell-scanner by @dependabot in #4538
• Archive organization mutation by @lcampbell2 in #4544
• Fix tiered summary chart text by @lcampbell2 in #4546
• Find my orgs filter verified by @lcampbell2 in #4548
• Filter domains by rcode blocked pending status by @lcampbell2 in #4550
• Alert org admins of recent activity by @lcampbell2 in #4524
• Bump requests from 2.26.0 to 2.31.0 in /scanners/log4shell-scanner by @dependabot in #4554
• Upgrade base image by @FestiveKyle in #4559
• Update base image summaries by @FestiveKyle in #4560
• Pin cloudbuild arango version by @FestiveKyle in #4562
• Reveal hidden domains to admins by @lcampbell2 in #4553
• Redirect org footprint emails to tracker by @lcampbell2 in #4564
• Allow removal of nxdomains by @lcampbell2 in #4565
• use ignore_domain func to exclude domains from summaries by @lcampbell2 in #4566
• Optimize domain connections by user id loader by @FestiveKyle in #4575
• Clean up transaction calls by @FestiveKyle in #4578
• Fix collected domains query for myTracker by @FestiveKyle in #4579
• Return domain object for collected domains in myTracker view by @FestiveKyle in #4581
• Update k8s cronjob versions by @FestiveKyle in #4580
• Ac update by @FestiveKyle in #4561
• Remove istio injection from db namespace by @FestiveKyle in #4584
• add services dir to image path in org-footprint cloudbuild by @lcampbell2 in #4585
• Bump cryptography from 39.0.1 to 41.0.0 in /scanners/web-scanner by @dependabot in #4569
• add flag to tag domains as staging in bulk add by @lcampbell2 in #4587
• change RoleEnum to InvitationRoleEnums in InviteUserToOrg mutation by @lcampbell2 in #4590
• Reveal 2.1615 features by @lcampbell2 in #4589

Full Changelog: 2.1.0-beta...2.1615

2.1.0-beta

What's Changed

• Changes from pull request 3700 and below have been removed. To obtain a comprehensive overview, please refer to the commit history or system documentation.
• Remove grafana gke by @FestiveKyle in #3701
• Upgrade arangodb by @FestiveKyle in #3702
• Add flux image update secrets by @FestiveKyle in #3705
• Fix git repo patch by @FestiveKyle in #3706
• Fix istio hpaspec by @sleepycat in #3707
• Frontend unused deps by @lcampbell2 in #3709
• remove graphql-voyager by @lcampbell2 in #3714
• Bump eslint-plugin-import from 2.24.2 to 2.26.0 in /services/super-admin by @dependabot in #3589
• Bump eslint-config-prettier from 8.3.0 to 8.5.0 in /frontend by @dependabot in #3609
• Bump eslint-config-prettier from 8.3.0 to 8.5.0 in /services/super-admin by @dependabot in #3611
• Bump eslint-config-standard from 16.0.3 to 17.0.0 in /services/dmarc-report by @dependabot in #3620
• Bump @testing-library/react from 11.2.7 to 12.1.5 in /frontend by @dependabot in #3723
• Bump dotenv from 8.6.0 to 16.0.1 in /frontend by @dependabot in #3674
• Bump jest from 27.3.1 to 28.1.0 in /services/super-admin by @dependabot in #3658
• Bump source-map-loader from 2.0.2 to 3.0.1 in /frontend by @dependabot in #3716
• Bump jest from 27.5.1 to 28.1.0 in /services/dmarc-report by @dependabot in #3660
• Bump jest-matcher-utils from 27.5.1 to 28.1.0 in /services/dmarc-report by @dependabot in #3659
• Bump jest-matcher-utils from 27.4.2 to 28.1.0 in /services/super-admin by @dependabot in #3657
• Bump eslint-plugin-jest from 26.1.4 to 26.2.2 in /services/dmarc-report by @dependabot in #3681
• Bump react-phone-input-2 from 2.14.0 to 2.15.0 in /frontend by @dependabot in #3727
• Bump eslint-plugin-jest from 26.1.4 to 26.2.2 in /services/super-admin by @dependabot in #3717
• Bump eslint from 8.15.0 to 8.16.0 in /services/dmarc-report by @dependabot in #3726
• Bump @babel/plugin-transform-runtime from 7.16.8 to 7.18.2 in /frontend by @dependabot in #3725
• Bump pyjwt from 2.3.0 to 2.4.0 in /scanners/dns-processor by @dependabot in #3720
• Bump pyjwt from 2.1.0 to 2.4.0 in /services/guidance by @dependabot in #3719
• Bump pyjwt from 2.3.0 to 2.4.0 in /scanners/dns-processor by @dependabot in #3733
• Bump pyjwt from 2.3.0 to 2.4.0 in /scanners/tls-processor by @dependabot in #3721
• Bump pyjwt from 2.1.0 to 2.4.0 in /scanners/https-processor by @dependabot in #3722
• Bump pyjwt from 2.3.0 to 2.4.0 in /scanners/tls-processor by @dependabot in #3734
• Remove cronjob concurrency as istio sidecar forces pod to stay alive by @FestiveKyle in #3741
• Add scan requests by @FestiveKyle in #3743
• Bump pyjwt from 2.1.0 to 2.4.0 in /services/guidance by @dependabot in #3735
• Bump pyjwt from 2.1.0 to 2.4.0 in /scanners/https-processor by @dependabot in #3736
• remove unused arangojs dep by @lcampbell2 in #3732
• Add backup restore job by @FestiveKyle in #3751
• Fix domain removal by @FestiveKyle in #3759
• Update eslint plugins by @sleepycat in #3744
• Update Policy Links by @lcampbell2 in #3792
• add close account button to SA userlist by @lcampbell2 in #3785
• Improve Frontend Tests by @lcampbell2 in #3795
• Add org domain status to csv button by @FestiveKyle in #3848
• Add istio tracing to test cluster by @FestiveKyle in #3802
• Remove hsts age rule by @FestiveKyle in #3827
• Disable tls1.3 by default for compliance by @FestiveKyle in #3828
• Webcheck API Schema by @lcampbell2 in #3854
• Remove required positive dkim tags for passing status by @FestiveKyle in #3900
• Change base image from ubuntu 21.04 (eof) to 20.04 by @FestiveKyle in #3901
• Remove dkim6 for cause of failing dkim by @FestiveKyle in #3902
• Bump terser from 5.8.0 to 5.14.2 in /api by @dependabot in #3864
• Bump moment from 2.29.3 to 2.29.4 in /services/dmarc-report by @dependabot in #3904
• Bump moment from 2.29.2 to 2.29.4 in /api by @dependabot in #3905
• update nodemon to 2.0.19 by @lcampbell2 in #3906
• Switch cert bot email and switch cert secret name by @FestiveKyle in #3919
• Disable prometheus on gke (erroring) by @FestiveKyle in #3920
• Use equal for patch by @FestiveKyle in #3921
• bump @visx deps by @lcampbell2 in #3907
• Bump frontend dev dependencies by @lcampbell2 in #3923
• Move cert manager service account patch to strategic merge by @FestiveKyle in #3922
• Bump ChakraUI dependencies by @lcampbell2 in #3909
• React 17 Upgrade by @lcampbell2 in #3932
• add dynamic year to dmarc data tests by @lcampbell2 in #3952
• Allow acronym with lowercase letters by @FestiveKyle in #3984
• Check tls 1.3 by @FestiveKyle in #3989
• Remove elif while adding tls version scans by @FestiveKyle in #3990
• AB Testing in Frontend by @lcampbell2 in #3988
• Upgrade to React 18 by @lcampbell2 in #3960
• Add export all org domain statuses by @FestiveKyle in #4000
• Fix scan button on guidance page by @FestiveKyle in #4001
• Organization-level Domain Tags by @lcampbell2 in #3879
• myTracker View by @lcampbell2 in #3925
• Add www subdomain warning by @FestiveKyle in #4057
• Tracker 2.1 Guidance by @lcampbell2 in #4044
• Update documentation1 by @h701h in #4046
• remove references to ITPIN in used components by @lcampbell2 in #4069
• Fix email verify page by @lcampbell2 in #4079
• Add composition to scan cards by @FestiveKyle in #4074
• Fix AB Wrapper on navbar by @lcampbell2 in #4080
• replace ITPIN references with WSSMCR by @lcampbell2 in #4082
• Fix titles for curves and ciphers areas by @FestiveKyle in #4083
• upgrade ubuntu to 22.04 by @lcampbell2 in #4084
• Fix email guidance page by @FestiveKyle in #4087
• User activity audit logging by @lcampbell2 in #4073
• fix bug where SA logs don't appear by @lcampbell2 in #4088
• Use AB testing for activity logs by @lcampbell2 in #4093
• change ubuntu image versions to 20.04 by @lcampbell2 in #4090
• Add subdomain warning to organization domains page by @FestiveKyle in #4097
• Add Feature Preview Toggle by @lcampbell2 in #4096
• Fix Org Activity Tab by @lcampbell2 in #4100
• Bump apollo-server-core from 3.6.3 to 3.11.1 in /api by @dependabot in #4098
• Show curves on guidance page by @FestiveKyle in #4101
• fix curves by @lcampbell2 in #4102
• Bump loader-utils from 1.4.0 to 1.4.1 in /front...